[dpdk-dev] [PATCH v2] ivshmem: fix race condition

Burakov, Anatoly anatoly.burakov at intel.com
Fri Apr 1 13:30:55 CEST 2016


> The memory zone could be freed just after adding it to the metadata
> file and just before marking it as not freeable.
> This patch changes the locking logic in order to prevent it.
> 
> Fixes: cd10c42eb5bc ("mem: fix ivshmem freeing")
> 
> Signed-off-by: Mauricio Vasquez B
> <mauricio.vasquezbernal at studenti.polito.it>
> ---
>  lib/librte_ivshmem/rte_ivshmem.c | 22 +++++++++++++---------
>  1 file changed, 13 insertions(+), 9 deletions(-)
> 
> diff --git a/lib/librte_ivshmem/rte_ivshmem.c
> b/lib/librte_ivshmem/rte_ivshmem.c
> index 8fc4b57..013c3eb 100644
> --- a/lib/librte_ivshmem/rte_ivshmem.c
> +++ b/lib/librte_ivshmem/rte_ivshmem.c
> @@ -471,10 +471,21 @@ add_memzone_to_metadata(const struct
> rte_memzone * mz,
>  		struct ivshmem_config * config)
>  {
>  	struct rte_ivshmem_metadata_entry * entry;
> -	unsigned i;
> +	unsigned i, idx;
> +	struct rte_mem_config *mcfg;
> +
> +	if(mz->len == 0) {
> +		RTE_LOG(ERR, EAL, "Trying to add an empty memzone\n");
> +		return -1;
> +	}
> 
>  	rte_spinlock_lock(&config->sl);
> 
> +	mcfg = rte_eal_get_configuration()->mem_config;
> +
> +	/* it prevents the memzone being freed while we add it to the
> metadata */
> +	rte_rwlock_write_lock(&mcfg->mlock);
> +
>  	/* find free slot in this config */
>  	for (i = 0; i < RTE_DIM(config->metadata->entry); i++) {
>  		entry = &config->metadata->entry[i];
> @@ -504,13 +515,6 @@ add_memzone_to_metadata(const struct
> rte_memzone * mz,
>  				config->metadata->name);
>  		goto fail;
>  	}
> -#ifdef RTE_LIBRTE_IVSHMEM
> -	struct rte_mem_config *mcfg;
> -	unsigned int idx;
> -
> -	mcfg = rte_eal_get_configuration()->mem_config;
> -
> -	rte_rwlock_write_lock(&mcfg->mlock);
> 
>  	idx = ((uintptr_t)mz - (uintptr_t)mcfg->memzone);
>  	idx = idx / sizeof(struct rte_memzone);
> @@ -519,10 +523,10 @@ add_memzone_to_metadata(const struct
> rte_memzone * mz,
>  	mcfg->memzone[idx].ioremap_addr = mz->phys_addr;
> 
>  	rte_rwlock_write_unlock(&mcfg->mlock);
> -#endif
>  	rte_spinlock_unlock(&config->sl);
>  	return 0;
>  fail:
> +	rte_rwlock_write_unlock(&mcfg->mlock);
>  	rte_spinlock_unlock(&config->sl);
>  	return -1;
>  }
> --
> 1.9.1

Acked-by: Anatoly  Burakov <anatoly.burakov at intel.com>


More information about the dev mailing list